summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-01-26s4:winsrepl.idl: add random interface uuidStefan Metzmacher1-1/+4
This is needed to include the wrepl interface into ndrdump. metze
2010-01-26s4:smbtorture: add BASE-BENCH-HOLDOPENStefan Metzmacher2-0/+64
This is useful for manual performance testing with a large number of share mode entries. metze
2010-01-26mount.cifs: don't allow it to be run as setuid root programJeff Layton1-1/+38
mount.cifs has been the subject of several "security" fire drills due to distributions installing it as a setuid root program. This program has not been properly audited for security and the Samba team highly recommends that it not be installed as a setuid root program at this time. To make that abundantly clear, this patch forcibly disables the ability for mount.cifs to run as a setuid root program. People are welcome to trivially patch this out, but they do so at their own peril. A security audit and redesign of this program is in progress and we hope that we'll be able to remove this in the near future. Signed-off-by: Jeff Layton <jlayton@redhat.com>
2010-01-26mount.cifs: check for invalid characters in device name and mountpointJeff Layton1-0/+34
It's apparently possible to corrupt the mtab if you pass embedded newlines to addmntent. Apparently tabs are also a problem with certain earlier glibc versions. Backslashes are also a minor issue apparently, but we can't reasonably filter those. Make sure that neither the devname or mountpoint contain any problematic characters before allowing the mount to proceed. Signed-off-by: Jeff Layton <jlayton@redhat.com>
2010-01-26mount.cifs: take extra care that mountpoint isn't changed during mountJeff Layton1-8/+26
It's possible to trick mount.cifs into mounting onto the wrong directory by replacing the mountpoint with a symlink to a directory. mount.cifs attempts to check the validity of the mountpoint, but there's still a possible race between those checks and the mount(2) syscall. To guard against this, chdir to the mountpoint very early, and only deal with it as "." from then on out. Signed-off-by: Jeff Layton <jlayton@redhat.com>
2010-01-26s4-smbtorture: also test smbc_getOptionUseCCacheGünther Deschner2-1/+3
2010-01-26s3: Enable use of ccache by default for libsmbclientVolker Lendecke1-0/+3
Disable this by setting the environment variable LIBSMBCLIENT_NO_CCACHE, which has the advantage over an smb.conf option to be easily settable per application.
2010-01-25Correct fix for unused variable return from ndr_decode. Use it :-).Jeremy Allison1-0/+8
Jeremy.
2010-01-25Revert "s3: remove unused Variable"Jeremy Allison1-0/+4
This reverts commit 9536d94d5478b63fc05047964b40d8786a7246c4. Bjorn, your change removed the ndr_decoding of the dos attribute. Not a good idea :-). Jeremy.
2010-01-26Revert "libreplace: fix unused varibale warning on IRIX"Björn Jacke1-2/+2
this one was broken
2010-01-26s3: fix detection and flags for using pthreadBjörn Jacke3-13/+59
I hope this fixes the build on Tru64, IRIX and maybe bug #6983
2010-01-26s3: remove unused variableBjörn Jacke1-2/+0
2010-01-26s3:async_smb: remove unused variableBjörn Jacke1-2/+0
2010-01-26libreplace: fix unused varibale warning on IRIXBjörn Jacke1-2/+2
2010-01-26s3: remove unused VariableBjörn Jacke1-4/+0
Jeremy, please check!
2010-01-26s3:netapi: remove unused variableBjörn Jacke1-2/+0
2010-01-25lib/popt: Fix typo in README.Karolin Seeger1-1/+1
Karolin
2010-01-25s3/docs: Fix typo.Karolin Seeger1-1/+1
Karolin
2010-01-25s3/registry: Fix typo in comment.Karolin Seeger1-2/+2
Karolin
2010-01-25Revert "libcli/security: Remove a call to strncasecmp"Volker Lendecke1-1/+5
This reverts commit 7c687665eaf16b0c6f83c130f6d9e5459e0b2a32.
2010-01-25Revert "libcli/security: Convert some strtol calls to strtoul"Volker Lendecke1-2/+2
This reverts commit 7fe66e06c4df575c410d4d70ff38f120c2f4363b.
2010-01-25Revert "libcli/security: Fix a valgrind error in dom_sid_parse"Volker Lendecke1-4/+0
This reverts commit f1c889a4e61d6d751cbabd8014b4345b8051b97c.
2010-01-25s4-python: Fix formatting.Jelmer Vernooij3-33/+27
2010-01-25upgrade_from_s3: Remove unused imports.Jelmer Vernooij1-2/+0
2010-01-25pyxattr: Move to the same directory as the xattr code.Jelmer Vernooij4-21/+11
2010-01-25s4 includes: Include system/locale.h to get access to <ctype.h>Kai Blin1-0/+1
2010-01-25Revert "s3: Make string_to_sid a wrapper around dom_sid_parse"Volker Lendecke1-7/+50
This reverts commit dff03b61fd5d923562711b38cc7dbe996dc07283.
2010-01-25Revert "libcli/security: Prohibit SID formats like S-1-5-32-+545"Volker Lendecke1-13/+0
This reverts commit 1fbeae41655b8305834f2149b1268077eba8633d. Apparently this breaks the build of Samba4
2010-01-25s4-smbtorture: test wbcResolveWinsByName/wbcResolveWinsByIP in ↵Günther Deschner1-0/+35
WINBIND-WBCLIENT testsuite. Guenther
2010-01-25s4-smbtorture: add test for wbcPingDc to WINBIND-WBCLIENT testsuite.Günther Deschner1-1/+12
Volker, please check, you know best how this interface is designed :-) Guenther
2010-01-25s4-smbtorture: split spoolss_RemoteFindFirstPrinterChangeNotifyEx test into ↵Günther Deschner1-73/+108
smaller parts. Guenther
2010-01-25testprogs: print all driver info levels in spoolss testsuite.Günther Deschner3-0/+172
Guenther
2010-01-24s3-libsmbclient: Add smbc_setOptionUseCCache()Volker Lendecke4-0/+50
Can we enable this by default? This would be a change in behaviour, but this feature is just too cool for everyone to catch up in the apps. The patch would be
2010-01-24s3: Add --use-ccache to netVolker Lendecke4-0/+9
2010-01-24s3: add libnetapi_set_use_ccache()Volker Lendecke3-0/+16
2010-01-24s3: Fix a bug in net's use of poptVolker Lendecke1-1/+1
In order to add --use-ccache to net, I added another "bool opt_ccache;" to struct net_context. popt did not like this, it took a while to figure out why. Popt has the lines /* XXX Check alignment, may fail on funky platforms. */ if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1))) return POPT_ERROR_NULLARG; The "bool opt_ccache;" was not aligned anymore...
2010-01-24s3: Enable -C in rpcclientVolker Lendecke1-0/+3
2010-01-24s3: Add CLI_FULL_CONNECTION_USE_CCACHEVolker Lendecke2-0/+4
2010-01-24s3: Use -C in smbclientVolker Lendecke1-0/+1
$ bin/wbinfo --ccache-save=w2k3ad\\vl%Password saving creds succeeded $ bin/smbclient //192.168.42.160/tmp -Uvl -N -C -W w2k3ad OS=[Windows Server 2003 R2 3790 Service Pack 2] Server=[Windows Server 2003 R2 5.2] smb: \> $ bin/wbinfo --ccache-save=w2k3ad\\vl%WrongPassword saving creds succeeded $ bin/smbclient //192.168.42.160/tmp -Uvl -N -C -W w2k3ad Anonymous login successful Domain=[W2K3AD] OS=[Windows Server 2003 R2 3790 Service Pack 2] Server=[Windows Server 2003 R2 5.2] tree connect failed: NT_STATUS_ACCESS_DENIED $
2010-01-24s3: Add -C (--use-ccache) to popt_common_credentialsVolker Lendecke4-1/+20
2010-01-24s3: Add ccache use to cli_session_setup_ntlmsspVolker Lendecke2-0/+5
2010-01-24s3: Add NTLMSSP_FEATURE_CCACHEVolker Lendecke3-5/+73
Uses the winbind ccache to do authentication if asked to do so
2010-01-24libwbclient: Actually implement wbcCredentialCache()Volker Lendecke1-1/+127
2010-01-24s3: Add the session key to the ccache_ntlm_auth responseVolker Lendecke2-5/+21
2010-01-24s3: Add wbinfo --ccache-saveVolker Lendecke8-1/+162
With this command you can give winbind your password for later use by the automatic ntlm_auth
2010-01-24s3: Remove some calls to memset -- reduces text size by some bytes for meVolker Lendecke2-13/+5
2010-01-24libwbclient: Use winbindd_free_response()Volker Lendecke3-51/+21
2010-01-24libwbclient: Remove a pointless talloc_strdupVolker Lendecke1-12/+5
2010-01-23s4-provision: Added msDS-NcType into samba4Top object classEndi S. Dewata1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-01-23s4-provision: Fixed typos and redundant codeEndi S. Dewata1-10/+10
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
generated by cgit (git 2.34.1) at 2024-07-19 18:42:27 +0000